Advocating For a More Secure Messaging System
With the onslaught of restricting free speech, it is past time that we work towards moving over to a more secure messaging system. There are plenty out there, some popular, but most of them are not. Here, I will go over a few.
Let me start off by saying that all of these are comparable to Facebook Messenger, which is probably the most used way to communicate today. All of them have individual and group messaging, the basic thing that Facebook Messenger touts. I will not be focusing on games, stickers, chat bots, etc., but more on how easy these are to use, how private they are, and how switching to them is easier than people think.
The first, and arguably the most popular, is WhatsApp. WhatsApp uses the Signal Protocol to encrypt their messages between users. However, WA is owned by Facebook, and recently the former head of WA left Facebook over their decision to implement ads into the platform. WhatsApp's encryption may be one of the most used now, but that doesn't stop Facebook from reading your messages. WhatsApp has voice and video calling as well, all encrypted by the Signal protocol. Their app is closed source, meaning no one can inspect the coding, and verify that the app is doing what it says it is. For these reasons, WhatsApp should be avoided.
The second, and probably first alternative app that most people hear about, is Telegram. Telegram has been growing over the years, mostly advertised as a more secure way to communicate over Facebook Messenger or even WhatsApp. They have a desktop client, which is very handy for those that aren't always on their phone. Telegram is not entirely open source, but partially is. Their encryption protocol is private, and not really tested. Telegram messages also aren't encrypted by default, you have to create private conversations for them to be encrypted. Telegram also has encrypted voice calls, but again, it uses their untested protocol. Telegram also updated their privacy policy to no longer include letting users know when the government requests their data (known as a canary warrant). This is very troubling. Adding to the fact that their protocol has not been verified, Telegram is not recommended.
The next up is Signal. Signal's protocol is the exact same one that WhatsApp uses. In fact, WhatsApp asked Open Whisper Systems (the company behind Signal), to help them implement their protocol into WhatsApp. Signal is open source, their protocol is open source and verified to be secure, but their servers aren't. What does that mean? It means that you can only use the official Signal app to use their system. Facebook Messenger and WhatsApp are like this, whereas Telegram lets you use other programs (Telegram X is a popular example.) Now, this isn't entirely bad, but for those that want to host their own Signal server, you can't. Signal is end to end encrypted by default when you talk to other Signal users, no fiddling with options, and the mobile version can even be used as a text app. Signal also has voice and video chat, all encrypted. The one downside is that they require a phone number to sign up, so if you don't have one, you can't use it. For this reason, Signal is my second recommendation, even if Edward Snowden endorses it.
Lastly, we have Wire. Wire is one of the least popular messaging apps out there, but is not new. It is open source, its servers are open source, and therefore can be used by anyone on any program they want. However, the only real program I have come across to use it is Wire's official app. Wire has all the features of the others: encrypted messaging, encrypted voice and video calls, and a desktop client. The one major bonus to Wire is that you can sign up with just a username. You do not need a phone number, so those you know that don't use a phone, can still sign up on their computer. The one big downside that I know of is that the mobile app cannot be locked with a fingerprint, passcode, or password, unlike Signal. The interface for Wire is easy to use and understand, all the encryption takes place automatically, and I personally have never had an issue with it (though I have barely used it, since no one does). UPDATE It has been shown that Wire keeps all metadata unencrypted. For this, Wire should not be used in any serious way until it gets changed.
Overall, this is, by far, not a very exhaustive list on this subject. There are other protocols and apps that have more encryption, but are less user friendly (such as XMPP or Matrix), but these are 4 of the most talked about apps today. I am currently trying out Riot.IM, a Matrix app, and it has been very enjoyable. Riot is going to have a UI overhaul soon, making it very close to Discord, and when it does, I can see more people switching to it.
The attack on freedom of speech by governments all across the world must not be overlooked. From Russia, to China, to the UK, to the US, and now to Australia, less and less things are allowed to be expressed without direct threat to your freedom. Using these Facebook Messenger alternatives is a great first step, but it must be the right alternative. Facebook owns Instagram and WhatsApp, Google is integrated into many people's lives, and while Apple seems like the privacy conscious person's dream, they aren't.
I can only hope that my message of looking for more privacy in your life starts a trickle of wonder into what is happening around you.
For a more exhaustive list on this subject, check out https://www.securemessagingapps.com/.
Take care, Privacy Bear